DEAR THEO · DEARTHEO.APP ·T
How we handle your data

Security and data handling, built in from day one

We're in early access, and we take your data seriously from the start. Here's exactly what we hold today — a waitlist email — and how the platform is built to protect your work when accounts open.

What's true today

Commitments we can stand behind right now

Encrypted in transit

Everything to and from this site travels over HTTPS. Your details are never sent in the clear.

No tracking

No third-party analytics, ad networks, or tracking pixels. We don't follow you around the web.

Bot-protected signup

The waitlist form is guarded by Cloudflare Turnstile — no data broker, no CAPTCHA gauntlet.

Never sold

We don't sell or rent your email, and you can have it deleted whenever you want.

Today, and what's ahead

What we hold now, and how we'll protect more later

What we hold today

The public site is a waitlist. The only personal data we store is the email you sign up with, kept in Google Cloud Firestore with a timestamp and your language preference.

  • Waitlist email in Google Cloud Firestore
  • Bot protection via Cloudflare Turnstile
  • One confirmation email via Resend
  • No accounts, no passwords, no payments

How the site is served

The site runs on managed infrastructure we don't have to hand-secure ourselves, and everything travels encrypted.

  • Hosting on Vercel
  • Data on Google Cloud / Firebase
  • Bot protection on Cloudflare
  • HTTPS/TLS everywhere
When early access opens

Sign-in through Google

When accounts open, you'll sign in with Google OAuth — so there's no password for us to store or leak — and your workspace will be scoped to you and your organization.

  • Google OAuth sign-in
  • No passwords stored
  • Organization-scoped access
When early access opens

Your keys, encrypted

If you connect your own model API keys, they'll be encrypted at rest before they're stored, and your content won't be used to train public models.

  • API keys encrypted at rest (Fernet)
  • Encrypted before storage
  • No training on your content
Our privacy commitment

We don't sell your data, and we don't track you

Here's what that means in practice today.

What we collect today

Only what the waitlist needs: your email address, your language preference, a timestamp, and the page that referred you. No account, no profile, no browsing history.

What we don't do

  • We don't sell or rent your email
  • We don't run third-party analytics or ad trackers
  • We don't use your content to train public AI models
  • We don't store passwords — there are no accounts yet

Removing your data

You can have your waitlist entry deleted at any time — just email us. No account, no forms, no delay.

Reporting a security issue

Found something that looks off? We'd rather hear about it. Email us and we'll acknowledge your report and work with you on a fix.

Report a security issue: julianurregoruiz@gmail.com

Responsible disclosure: Please give us a reasonable chance to fix an issue before disclosing it publicly.

Read our privacy policy
DEAR THEO · DEARTHEO.APP ·T

Questions about security?

Join the waitlist and ask us anything about how your data is handled once you're in.